Affected by GO-2025-3736 and 1 other vulnerabilities

GO-2025-3736: Gokapi has stored XSS vulnerability in friendly name for API keys in github.com/forceu/gokapi

GO-2025-3737: Gokapi vulnerable to stored XSS via uploading file with malicious file name in github.com/forceu/gokapi

internal/

Details

Path	Synopsis
configuration
cloudconfig
configupgrade
database
database/dbabstraction
database/migration
database/provider/redis
database/provider/sqlite
setup
encryption
end2end
environment
flagparser
helper
systemd
logging
models
storage
chunking
filesystem
filesystem/interfaces
filesystem/localstorage
filesystem/s3filesystem
filesystem/s3filesystem/aws
processingstatus
processingstatus/pstatusdb
webserver
api
authentication
authentication/oauth
authentication/sessionmanager
downloadstatus
fileupload
headers
sse
ssl